container-security-scanner

# Container Security Scanner ## Purpose - Scan images and runtime for CVEs and policy violations. ## Preconditions - Access to system context (repos, infra, environments) - Confirmed requirements and constraints - Required approvals for security, compliance, or governance ## Inputs - Problem statement and scope - Current architecture or system constraints - Non-functional requirements (performance, security, compliance) - Target stack and environment ## Outputs - Design or implementation plan - Required artifacts (diagrams, configs, specs, checklists) - Validation steps and acceptance criteria ## Detailed Step-by-Step Procedures 1. Clarify scope, constraints, and success metrics. 2. Review current system state, dependencies, and integration points. 3. Select patterns, tools, and architecture options that match constraints. 4. Produce primary artifacts (docs/specs/configs/code stubs). 5. Validate against requirements and known risks. 6. Provide rollout and rollback guidance. ## Decision Trees and Conditional Logic - If compliance or regulatory scope applies -> add required controls and audit steps. - If latency budget is strict -> choose low-latency storage and caching. - Else -> prefer cost-optimized storage and tiering. - If data consistency is critical -> prefer transactional boundaries and strong consistency. - Else -> evaluate eventual consistency or async processing. ## Error Handling and Edge Cases - Partial failures across dependencies -> isolate blast radius an...